Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Perseus Android note-stealing and remote-control malware activity

Malware Activity
First reported
Last updated
Happening score
H score 21
2 unique sources, 2 articles

Summary

Hide ▲

The Perseus Android malware is now being used to inspect user notes for secrets, creating theft risk for passwords, recovery phrases, and financial data. It is also distributed through unofficial IPTV apps and can enable full device takeover, screenshot capture, overlay attacks, and keylogging. The activity is notable because it combines credential theft with hands-on remote control and targets financial institutions in Turkey and Italy plus crypto services.

Related Happenings

BTMOB Android RAT no-code builder malware activity

Malware Activity
First: 26.05.2026 17:00 Last: 26.05.2026 17:00 Sources 1

About this happening: The **BTMOB** Android RAT is spreading through **phishing campaigns** across **Brazil and beyond**, raising the risk of **custom payload delivery** and **remote device takeover**....

Open Happening

Google rolls out Android Intrusion Logging in Android Advanced Protection Mode

Security Tool/Service
First: 14.05.2026 16:30 Last: 14.05.2026 16:30 Sources 1

About this happening: Google has released **Android Intrusion Logging** for **Android Advanced Protection Mode**, giving **high-risk Android users** encrypted forensic logs to investigate suspected **s...

Open Happening

Android Intrusion Logging forensic logging rollout for spyware investigations

Security Tool/Service
First: 13.05.2026 09:55 Last: 13.05.2026 09:55 Sources 1

About this happening: **Android** is adding **Intrusion Logging**, an opt-in forensic feature in **Advanced Protection Mode** that preserves device and network activity for suspected spyware compromise...

Open Happening

Android 17 expands platform security and privacy protections

Security Tool/Service
First: 12.05.2026 20:00 Last: 12.05.2026 20:00 Sources 1

About this happening: **Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...

Open Happening

Apple and Google Messages beta rollout of cross-platform E2EE RCS

Security Tool/Service
First: 12.05.2026 16:00 Last: 12.05.2026 16:00 Sources 1

About this happening: Apple and Google have begun a **beta rollout** of **end-to-end encrypted RCS** between **iPhone** and **Android** devices, materially reducing carrier and in-transit visibility fo...

Open Happening

Timeline

  1. 19.03.2026 12:13 2 articles · 2mo ago

    Perseus Android malware disclosure

    Initial Disclosure

    Perseus is a new Android malware family distributed through unofficial IPTV apps that can bypass Android 13+ sideloading restrictions, abuse Android Accessibility Services, capture screenshots, launch overlay attacks, keylog, and take full remote control of infected devices. The malware also scans notes in Google Keep, Xiaomi Notes, Samsung Notes, ColorNote, Evernote, Microsoft OneNote, and Simple Notes for passwords, recovery phrases, and financial data, while targeting financial institutions in Turkey and Italy plus crypto services.

    Show sources
    Open in new tab